FreeBSD Manual Pages
KADMIN(8) BSD System Manager's Manual KADMIN(8) NAME kadmin -- Kerberos administration utility SYNOPSIS kadmin [-p string | --principal=string] [-K string | --keytab=string] [-c file | --config-file=file] [-k file | --key-file=file] [-r realm | --realm=realm] [-a host | --admin-server=host] [-s port number | --server-port=port number] [-l | --local] [-h | --help] [-v | --version] [command] DESCRIPTION The kadmin program is used to make modifications to the Kerberos data- base, either remotely via the kadmind(8) daemon, or locally (with the -l option). Supported options: -p string, --principal=string principal to authenticate as -K string, --keytab=string keytab for authentication principal -c file, --config-file=file location of config file -k file, --key-file=file location of master key file -r realm, --realm=realm realm to use -a host, --admin-server=host server to contact -s port number, --server-port=port number port to use -l, --local local admin mode If no command is given on the command line, kadmin will prompt for com- mands to process. Commands include: add [-r | --random-key] [--random-password] [-p string | --password=string] [--key=string] [--max-ticket-life=lifetime] [--max-renewable-life=lifetime] [--attributes=attributes] [--expiration-time=time] [--pw-expiration-time=time] principal... creates a new principal passwd [-r | --random-key] [--random-password] [-p string | --password=string] [--key=string] principal... changes the password of an existing principal delete principal... removes a principal del_enctype principal enctypes... removes some enctypes from a principal. This can be useful the service belonging to the principal is known to not handle certain enctypes ext_keytab [-k string | --keytab=string] principal... creates a keytab with the keys of the specified principals get [-l | --long] [-s | --short] [-t | --terse] expression... lists the principals that match the expressions (which are shell glob like), long format gives more information, and terse just prints the names rename from to renames a principal modify [-a attributes | --attributes=attributes] [--max-ticket-life=lifetime] [--max-renewable-life=lifetime] [--expiration-time=time] [--pw-expiration-time=time] [--kvno=number] principal modifies certain attributes of a principal privileges lists the operations you are allowed to perform When running in local mode, the following commands can also be used: dump [-d | --decrypt] [dump-file] writes the database in "human readable" form to the specified file, or standard out init [--realm-max-ticket-life=string] [--realm-max-renewable-life=string] realm initializes the Kerberos database with entries for a new realm. It's possible to have more than one realm served by one server load file reads a previously dumped database, and re-creates that data- base from scratch merge file similar to list but just modifies the database with the en- tries in the dump file SEE ALSO kadmind(8), kdc(8) HEIMDAL September 10, 2000 HEIMDAL
NAME | SYNOPSIS | DESCRIPTION | SEE ALSO
Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=kadmin&sektion=8&manpath=FreeBSD+5.3-RELEASE>